
Tarrask Malware

A newly discovered malware threat named the Tarrask Malware is infecting networks via unpatched zero-day vulnerabilities. The Tarrask Malware is operated by HAFNIUM, an Advanced Persistent Threat (APT) and a well-known China-supported criminal group. The Tarrask Malware can gain persistence by taking advantage of the Windows Task Scheduler service.

The Tarrask Malware creates hidden scheduled tasks and then deletes the tasks' attributes so that conventional identification software does not detect them. The Tarrask Malware uses these hidden scheduled tasks to keep accessing the infected machines. Infected users should try to find them by manually inspecting the Windows Registry and looking for any scheduled tasks that do not have an SD value inside their task key.
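The registry check described above can be run offline against a text export of the Task Scheduler tree. This is an added example, not code from the original page; the registry path is the standard Windows location (the page does not name it), and treating a key with an `Id` value as a task key is an assumption. The sample export is constructed.

```python
import re

# Standard Task Scheduler registry location (assumption: the page does not name the path).
TREE = (r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT"
        r"\CurrentVersion\Schedule\TaskCache\Tree")
KEY_RE = re.compile(r"^\[(.+)\]\s*$")
VALUE_RE = re.compile(r'^"((?:[^"\\]|\\.)*)"=')

def parse_reg_export(text):
    """Map each key path in a .reg export to the set of its value names."""
    keys, current = {}, None
    for line in text.splitlines():
        m = KEY_RE.match(line)
        if m:
            current = keys.setdefault(m.group(1), set())
        elif current is not None:
            m = VALUE_RE.match(line)   # hex continuation lines do not match
            if m:
                current.add(m.group(1).lower())
    return keys

def tasks_missing_sd(text):
    """Return task paths (relative to Tree) that have an Id value but no SD value."""
    prefix = TREE.lower() + "\\"
    hits = []
    for path, values in parse_reg_export(text).items():
        # Assumption: task keys carry an "Id" value; folder keys do not.
        if path.lower().startswith(prefix) and "id" in values and "sd" not in values:
            hits.append(path[len(prefix):])
    return sorted(hits)

# Constructed sample export: one folder, one normal task, one task with SD removed.
SAMPLE = "\n".join([
    "Windows Registry Editor Version 5.00",
    "",
    "[" + TREE + "\\Contoso]",
    '"SD"=hex:01,00,04,80',
    "[" + TREE + "\\Contoso\\NightlyBackup]",
    '"Id"="{11111111-1111-1111-1111-111111111111}"',
    '"Index"=dword:00000003',
    '"SD"=hex:01,00,04,80,\\',
    "  78,00,00,00",
    "[" + TREE + "\\ExampleUpdater]",
    '"Id"="{22222222-2222-2222-2222-222222222222}"',
    '"Index"=dword:00000003',
])

if __name__ == "__main__":
    for task in tasks_missing_sd(SAMPLE):
        print("task key without SD value:", task)
```

To use it on a real host, export the key with `reg export` from an elevated prompt and read the resulting file as UTF-16 before passing its text to `tasks_missing_sd`.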

Although the Tarrask Malware's power will be greatly diminished as soon as the vulnerabilities are patched, it poses a real threat to the networks it manages to infect. Network admins should take urgent measures to shield their networks against such a threat by keeping all software updated and patched and by running a strong anti-malware product 24/7.


